The latest articles on DEV Community by omotosho joseph (@josephomotosho). https://dev.to/josephomotosho https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F437933%2F30810d0f-51bb-40a4-aa44-e3e12274b23e.jpeg https://dev.to/josephomotosho en omotosho joseph Wed, 03 Jul 2024 21:31:49 +0000 https://dev.to/josephomotosho/automating-user-and-group-creation-with-bash-a-practical-guide-38ne https://dev.to/josephomotosho/automating-user-and-group-creation-with-bash-a-practical-guide-38ne <p>As a SysOps engineer, managing user accounts and groups efficiently is a crucial task. Automation through scripting can significantly streamline this process, ensuring consistency and saving time. In this guide, we'll walk through a bash script that automates the creation of users and groups based on a provided text file. This script also sets up home directories, generates random passwords, and securely logs all actions.</p> <h2> Script Overview </h2> <p>Our script, <code>create_users.sh</code>, performs the following tasks:</p> <ol> <li>Reads a text file containing usernames and group names.</li> <li>Creates users and personal groups.</li> <li>Assigns users to additional groups.</li> <li>Generates and assigns random passwords.</li> <li>Logs all actions to <code>/var/log/user_management.log</code>.</li> <li>Stores passwords securely in <code>/var/secure/user_passwords.txt</code>.</li> </ol> <p>Script Breakdown</p> <p><strong>Input Validation</strong>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> <span class="k">if</span> <span class="o">[</span> <span class="nv">$# </span><span class="nt">-ne</span> 1 <span class="o">]</span><span class="p">;</span> <span class="k">then </span><span class="nb">echo</span> <span class="s2">"Usage: </span><span class="nv">$0</span><span class="s2"> &lt;name-of-text-file&gt;"</span> <span class="nb">exit </span>1 <span class="k">fi</span> </code></pre> </div> <p><strong>File and Directory Setup</strong>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> <span class="nv">USER_FILE</span><span class="o">=</span><span class="nv">$1</span> <span class="nv">LOG_FILE</span><span class="o">=</span><span class="s2">"/var/log/user_management.log"</span> <span class="nv">PASSWORD_FILE</span><span class="o">=</span><span class="s2">"/var/secure/user_passwords.txt"</span> <span class="nb">mkdir</span> <span class="nt">-p</span> /var/secure <span class="nb">touch</span> <span class="nv">$PASSWORD_FILE</span> <span class="nb">chmod </span>600 <span class="nv">$PASSWORD_FILE</span> <span class="nb">touch</span> <span class="nv">$LOG_FILE</span> </code></pre> </div> <p><strong>Logging Function</strong>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> log_action<span class="o">()</span> <span class="o">{</span> <span class="nb">echo</span> <span class="s2">"</span><span class="si">$(</span><span class="nb">date</span> <span class="s1">'+%Y-%m-%d %H:%M:%S'</span><span class="si">)</span><span class="s2"> - </span><span class="nv">$1</span><span class="s2">"</span> <span class="o">&gt;&gt;</span> <span class="nv">$LOG_FILE</span> <span class="o">}</span> </code></pre> </div> <p><strong>Reading and Processing the Input File</strong>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> <span class="k">while </span><span class="nv">IFS</span><span class="o">=</span><span class="s1">';'</span> <span class="nb">read</span> <span class="nt">-r</span> username <span class="nb">groups</span><span class="p">;</span> <span class="k">do </span><span class="nv">username</span><span class="o">=</span><span class="si">$(</span><span class="nb">echo</span> <span class="nv">$username</span> | xargs<span class="si">)</span> <span class="nb">groups</span><span class="o">=</span><span class="si">$(</span><span class="nb">echo</span> <span class="nv">$groups</span> | xargs<span class="si">)</span> <span class="o">[</span> <span class="nt">-z</span> <span class="s2">"</span><span class="nv">$username</span><span class="s2">"</span> <span class="o">]</span> <span class="o">&amp;&amp;</span> <span class="k">continue</span> ... <span class="k">done</span> &lt; <span class="nv">$USER_FILE</span> </code></pre> </div> <p><strong>User and Group Creation</strong>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> <span class="k">if</span> <span class="o">!</span> getent group <span class="nv">$username</span> <span class="o">&gt;</span> /dev/null<span class="p">;</span> <span class="k">then </span>groupadd <span class="nv">$username</span> log_action <span class="s2">"Created group: </span><span class="nv">$username</span><span class="s2">"</span> <span class="k">fi if</span> <span class="o">!</span> <span class="nb">id</span> <span class="nt">-u</span> <span class="nv">$username</span> <span class="o">&gt;</span> /dev/null 2&gt;&amp;1<span class="p">;</span> <span class="k">then </span>useradd <span class="nt">-m</span> <span class="nt">-g</span> <span class="nv">$username</span> <span class="nt">-s</span> /bin/bash <span class="nv">$username</span> log_action <span class="s2">"Created user: </span><span class="nv">$username</span><span class="s2"> with personal group: </span><span class="nv">$username</span><span class="s2">"</span> <span class="k">fi</span> </code></pre> </div> <p><strong>Assigning Additional Groups</strong>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> <span class="k">if</span> <span class="o">[</span> <span class="nt">-n</span> <span class="s2">"</span><span class="nv">$groups</span><span class="s2">"</span> <span class="o">]</span><span class="p">;</span> <span class="k">then </span><span class="nv">IFS</span><span class="o">=</span><span class="s1">','</span> <span class="nb">read</span> <span class="nt">-ra</span> ADDITIONAL_GROUPS <span class="o">&lt;&lt;&lt;</span> <span class="s2">"</span><span class="nv">$groups</span><span class="s2">"</span> <span class="k">for </span>group <span class="k">in</span> <span class="s2">"</span><span class="k">${</span><span class="nv">ADDITIONAL_GROUPS</span><span class="p">[@]</span><span class="k">}</span><span class="s2">"</span><span class="p">;</span> <span class="k">do </span><span class="nv">group</span><span class="o">=</span><span class="si">$(</span><span class="nb">echo</span> <span class="nv">$group</span> | xargs<span class="si">)</span> <span class="k">if</span> <span class="o">!</span> getent group <span class="nv">$group</span> <span class="o">&gt;</span> /dev/null<span class="p">;</span> <span class="k">then </span>groupadd <span class="nv">$group</span> log_action <span class="s2">"Created group: </span><span class="nv">$group</span><span class="s2">"</span> <span class="k">fi </span>usermod <span class="nt">-aG</span> <span class="nv">$group</span> <span class="nv">$username</span> log_action <span class="s2">"Added user </span><span class="nv">$username</span><span class="s2"> to group: </span><span class="nv">$group</span><span class="s2">"</span> <span class="k">done fi</span> </code></pre> </div> <p><strong>Generating and Storing Passwords</strong>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> <span class="nv">PASSWORD</span><span class="o">=</span><span class="si">$(</span>openssl rand <span class="nt">-base64</span> 12<span class="si">)</span> <span class="nb">echo</span> <span class="s2">"</span><span class="nv">$username</span><span class="s2">:</span><span class="nv">$PASSWORD</span><span class="s2">"</span> | chpasswd log_action <span class="s2">"Set password for user: </span><span class="nv">$username</span><span class="s2">"</span> <span class="nb">echo</span> <span class="s2">"</span><span class="nv">$username</span><span class="s2">,</span><span class="nv">$PASSWORD</span><span class="s2">"</span> <span class="o">&gt;&gt;</span> <span class="nv">$PASSWORD_FILE</span> </code></pre> </div> <p><strong>Conclusion</strong></p> <p>This bash script automates the user management process, ensuring efficiency and security. By integrating this script into your system administration routine, you can handle user accounts and groups with ease.</p> <p>For more resources and to explore internship opportunities, visit <a href="https://hng.tech/internship">HNG Internship</a> and <a href="https://hng.tech/hire">HNG Hire</a>.</p>